DOCKET NO.: MSFT-2786/305794.1
PATENT
Application No.: 10/721,562
Office Action Dated: May 14, 2007
REPLY FILED UNDER EXPEDITED PROCEDURE PURSUANT TO 37 CFR § 1.116

This listing of claims will replace all prior versions, and listings, of claims in the application. 
Listing of Claims: 

1-8. (canceled) 

9. (currently amended) A method of protecting a virtual memory comprising: 

storing data in a plurality of pages of a volatile memory; 

determining to move contents of a first one of said plurality of pages from said 
volatile memory to a paging file stored on a disk; 

providing said contents to a file system with instructions to store said contents 
in a paging file, said paging file being marked for encryption, said file system causing said 
contents to be encrypted with a key prior to storing said contents in said paging file, said key 
being required to decrypt information contained in said paging file, said key being stored in a 
manner such that a reboot of a machine on which said key is stored causes said key to be lost;
and

prior to generation of said key, reserving a block of said volatile memory for
use as a workspace, whereby use of the workspace avoids the need to copy volatile memory
contents to disk prior to generation of the session key.

10. (Original) The method of claim 9, further comprising: 

generating said key upon a boot of said machine. 

11. (canceled)

12. (previously presented) The method of claim 9, wherein the file system causes said 
contents to be encrypted by communicating with an encryption component, the encryption 
component encrypting files that have been marked by the file system for encryption.

13. (currently amended) The method of claim 12, further comprising: A method of
protecting a virtual memory comprising:

storing data in a plurality of pages of a volatile memory;

determining to move contents of a first one of said plurality of pages from said
volatile memory to a paging file stored on a disk;

providing said contents to a file system with instructions to store said contents
in a paging file, said paging file being marked for encryption, said file system causing said 
contents to be encrypted with a key prior to storing said contents in said paging file, said key 
being required to decrypt information contained in said paging file, said key being stored in a 
manner such that a reboot of a machine on which said key is stored causes said key to be lost, 
wherein the file system causes said contents to be encrypted by communicating with an 
encryption component, the encryption component encrypting files that have been marked by
the file system for encryption; and 

reserving a block of said volatile memory in which data may be passed back 
and forth between the file system and the encryption component. 

14. (currently amended) A system for maintaining an encrypted paging file that stores 
virtual memory data for a computer, the system comprising: 

an encryption component that receives data and performs encryption and 
decryption operations on said data using a key; 

a mechanism that generates said key; 

a storage location in the computer that stores said key in a manner that causes 
said key not to persist across boots of the computer; and 

a virtual memory manager that copies or moves data from volatile memory to 
disk by requesting that a file system store the copied or moved data in a paging file, the file 
system calling upon the encryption component to encrypt the copied or moved data with said 
key,

wherein the encryption component reserves a block of memory upon startup.

15. (canceled) 

16. (currently amended) The system of claim [[15]] 14, wherein the block of memory
is used as a workspace for the encryption component prior to generation of said key, whereby
sufficient space for storage of said encryption component's operating data exists in said
volatile memory prior to generation of said key.

17. (currently amended) The system of claim [[15]] 14, wherein the block of memory
is used as a buffer to pass information between the file system and the encryption component.

18. (Original) The system of claim 14, wherein said key is generated before said 
virtual memory manager directs the storage of data into the paging file. 

19. (Original) The system of claim 14, wherein said key is stored in said volatile 
memory, and wherein no copy of said key is stored in any non-volatile memory or storage 
device of the computer. 

20. (currently amended) A computer-readable storage medium encoded with 
computer executable instructions to perform a method that takes place upon startup of a 
computer, the method comprising: 

generating a session key; 

storing said session key in a non-persistent manner that does not survive 
across machine boots; 

retrieving information indicating that virtual memory data stored on disk is to
be encrypted;

marking a paging file as an encrypted file; 

receiving, from a memory manager, data from a volatile storage device that is 
to be stored on disk in the paging file; and 

protecting the received data from observation by encrypting the received data 
with a session key prior to storing said data in the paging file; 

reserving a block of memory prior to generation of the session key, wherein
the block of memory is used either as:

a buffer to pass data between a file system that maintains the paging
file and an encryption component that performs encryption and decryption of the data with
the session key; and

a workspace usable by the encryption component prior to generation of
the session key.

21. (canceled) 

22. (previously presented) The computer-readable storage medium of claim 20,
wherein the session key is stored in the volatile storage device, and no copy of the session 
key is stored on disk. 

23. (canceled) 

24. (new) The method of claim 13, further comprising:

generating said key upon a boot of said machine.

25. (new) A computer-readable storage medium comprising executable instructions to
perform a method of protecting a virtual memory, the method comprising:

storing data in a plurality of pages of a volatile memory;

determining to move contents of a first one of said plurality of pages from said
volatile memory to a paging file stored on a disk;

providing said contents to a file system with instructions to store said contents
in a paging file, said paging file being marked for encryption, said file system causing said
contents to be encrypted with a key prior to storing said contents in said paging file, said key
being required to decrypt information contained in said paging file, said key being stored in a
manner such that a reboot of a machine on which said key is stored causes said key to be lost,
wherein the file system causes said contents to be encrypted by communicating with an
encryption component, the encryption component encrypting files that have been marked by
the file system for encryption; and

reserving a block of said volatile memory in which data may be passed back
and forth between the file system and the encryption component.

26. (new) The computer-readable storage medium of claim 25, wherein the method
further comprises:

generating said key upon a boot of said machine.

27. (new) The method of claim 9, wherein encryption of said contents is performed
according to one or more of the following algorithms:

Data Encryption Standard (DES);

Triple-DES (3DES); or

Advanced Encryption Standard (AES).

28. (new) The method of claim 13, wherein encryption of said contents is performed 
according to one or more of the following algorithms: 

Data Encryption Standard (DES); 

Triple-DES (3DES); or 

Advanced Encryption Standard (AES). 

29. (new) The system of claim 14, wherein the encryption component encrypts
encryption the data according to one or more of the following algorithms:

Data Encryption Standard (DES);

Triple-DES (3DES); or

Advanced Encryption Standard (AES).

30. (new) The computer-readable storage medium of claim 20, wherein said
encryption component performs encryption according to one or more of the following
algorithms:

Data Encryption Standard (DES);

Triple-DES (3DES); or

Advanced Encryption Standard (AES).

31. (new) The computer-readable storage medium of claim 25, wherein encryption of
said contents is performed according to one or more of the following algorithms:

Data Encryption Standard (DES);

Triple-DES (3DES); or

Advanced Encryption Standard (AES).